Encrypted email provider Protonmail has hailed a recent Swiss legal ruling as a "victory for privacy," after winning a lawsuit that sees it exempted from data retention laws in the mountainous realm.
Referring to a previous ruling that exempted instant messaging services from data capture and storage laws, the Protonmail team said this week: "Together, these two rulings are a victory for privacy in Switzerland as many Swiss companies are now exempted from handing over certain user information in response to Swiss legal orders."
Switzerland's Federal Administrative Court ruled on October 22 that email providers in Switzerland are not considered telecommunications providers under Swiss law, thereby removing them from the scope of data retention requirements imposed on telcos.
The victory comes after controversy over a previous (and not directly related) Swiss court order that forced the company to collect mobile device push notification identifiers from a specified user's account. That user was later arrested by French police, who had asked their Swiss counterparts to obtain the surveillance order.
Protonmail chief exec Andy Yen told The Register his business doesn't routinely collect such data on its users.
"We expect there to be further attempts to force tech companies to undermine privacy in both Switzerland and abroad, and we are committed to continuing to challenge this through both our encryption technology and through the courts," Yen also told Reuters.
- ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested
- Proton welcomes Sir Tim Berners-Lee to its advisory board – as ProtonMail suffers a privacy backlash
- Epic, Spotify, ProtonMail and pals rise up as one against Apple's 30% cut, call for end to Cupertino-style markets
- ProtonMail-run website boasting 'complete guide' to GDPR left credential-baring .git repo exposed online
A couple of years ago more controversy arose after a Swiss prosecutor described Protonmail as "voluntarily" offering help to police and government surveillance agencies.
The Swiss legal victory is a stark contrast to the position in Britain, where the government's wide-ranging Online Safety Bill seems certain to make the World Wide Web a more dangerous place for netizens.
Under current plans Britons will be forced to hand over personal data to "age verification" startups to continue freely browsing the internet as they do today. Government thinkers believe they can create a "safety tech" sector off the back of this potentially harmful idea and market it to foreign countries' governments as a British innovation.
Only today one such age verification company, Yoti, bragged to the press that its technology can scan under-13s' faces in real time to determine their true age. Its press statement claimed that the data is "instantly deleted" – a far cry from Switzerland's position on mere email providers. ®